Azure credentials for Cloud Management

Azure credentials for Cloud Management

Azure credentials for Cloud Management

You must create a special credential — a Service Principal — to integrate with
Microsoft’s Azure cloud technology. Depending on how permissions are set up, the process might
require the assistance of your organization’s Active Directory or Azure
administrators.

Create an Azure service principal

Lot of information needs to be gathered from the Azure portal to create an Azure
service principal. You need to get the ID’s and the keys necessary to get Azure and ServiceNow successfully
integrated.

Before you begin

Role required: sn_cmp.cloud_admin

Role required: sn_cmp.cloud_admin

A safe keeping space (text editor, OneNote, Evernote, etc.)

Procedure

Log in to the Azure portal, navigate to Azure Active
Directory.

In the Properties section, in the Directory
ID field, click the copy to clipboard
shortcut and paste the UUID in a text editor for safe keeping. Label this UUID
as Directory ID.

Navigate to the App registrations section and click
New application registration or the plus icon at the
top of the page.

Enter a name for the integration credentials in the Name
field. As an example, ServiceNow Integration. Leave the default value (Web
app/API) as is in the Application type field.

Enter a valid URL, for example, a ServiceNow instance URL, in the
Sign-on URL field.

Figure 1. Create integration credentials

After the integration credential is created, select the application from the
list. Hover the mouse over the Application ID, click
copy to clipboard and then paste the Application ID
in the text editor where you had earlier saved the Directory ID. Label it as
Application ID.

Click the Keys section. Enter a description for the key
in the Key description field and a duration with the
value Never Expires in the
Duration field.

You may have policies that restrict key durability. Choose the duration
appropriate for your organization.

Click Save. Copy and paste the key in a text editor and
label this key as Application key.

To enable the service principal to work with various Azure subscriptions,
navigate to Subscriptions. If multiple subscriptions are
to be managed, you need to repeat the following steps, step 10 to step 12, for
each subscription.

Copy and paste the subscription ID in a text editor and label it as
Subscription ID. Navigate to the subscription, select Access Control
(IAM) from the menu and click + Add at
the top of the screen.

Select the value contributor from the
Role field. Let the default value Azure AD
user, group, or application remain as is in the
Assign access to field.

Select the name you created in step 4 in the Select
field and click Save.

Figure 2. Add permissions

Create Azure service principal for Cloud Management

You create a special credential — a Service Principal — to integrate with Microsoft’s
Azure cloud technology. Depending on how permissions are set up, the process might require
the assistance of your organization’s Active Directory or Azure administrators.

Before you begin

Role required: sn_cmp.cloud_admin

A service principal on the Azure portal. Make sure that your user settings
in Azure allow users to register applications. Also make sure that the
Directory role is not set to user when users cannot create applications. You
can always contact your Azure administrator to create a service
principle.

The Azure application ID, the key, and the directory ID from the Azure
portal.